Dennis Fisher reports: In an effort to cut off an avenue used in some phishing attacks, Google is planning to block authentication attempts from some apps that use embedded browser frameworks in the near future. The change is part of a broader initiative by the company to get a better handle on when and how…
Category: Commentaries and Analyses
So how’s April so far?
Quick note: I haven’t been posting all the health data breaches or incidents I have already found this month, as in some cases, I’m waiting for responses from entities to my questions. But I am compiling the incidents in my worksheet that I provide to Protenus, Inc. for their analyses and freely available reports. Yesterday,…
The Lack of an Adequate HIPAA Security Risk Assessment is a Common and Costly Mistake by Healthcare Providers: What Providers Can Do Now
Erin Smith Aebel of Shumaker, Loop & Kendrick, LLP writes: Health care providers and others who must comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) have specific requirements under the Security Rule to HIPAA when it comes to their maintenance of electronically held protected health information. One of those requirements is…
Italy’s DPA Fines Data Processor for Information Security Failures
Odia Kagan of FoxRothschild writes: Caveat Data Processor. Italian Data Protection Authority, Garante, has issued a 50,000 EUR fine against a data processor platform for its failures to implement several information security measures. Service providers should ensure that the data entrusted to them by their data controller customers is adequately protected. Read more on Privacy…
The 2018 Internet Crime Report is out: a first glance
The The FBI’s Internet Crime Complaint Center (IC3) 2018 Internet Crime Report has been released. The report includes information from 351,936 complaints of suspected Internet crime, with reported losses in excess of $2.7 billion. Here’s a spoiler alert, as I haven’t had time to read the entire report yet. From their summary: This past year,…
Did ransomware claim a victim or did two doctors just make a poor decision?
An article by William Maruca of FoxRothschild is headlined, “Ransomware Claims A Victim.” It discusses the case of Brookside ENT, whose doctors decided to shutter their practice and retire a year early after a ransomware attack that encrypted their patient data, billing information, scheduling information, and even their backups. In other words, the attacker successfully…